dropbear | Cheatsheet¶
Dropbear is a software package written by Matt Johnston that provides a Secure Shell-compatible server and client. It is designed as a replacement for standard OpenSSH for environments with low memory and processor resources, such as embedded systems. It is a core component of OpenWrt and other router distributions.
Install net-misc/dropbear and sec-keys/openpgp-keys-dropbear
??? Note "Simple script to remove backdoors on Tilgin Routers (works for personal setups as well)
```bash
#! /bin/sh
#
# Remove backdoor keys and create our own for dropbear
#
# Copyright (C) 2023 wuseman
# Author: wuseman <wuseman@nr1.nu>
#
# $Id: create-dropbearkeys.sh 2023-01-05 01:24:00+0100 wuseman $
#
function dropbearServer() {
rm /var/miscA/dropbear_rsa_host_key
rm /var/miscA/dropbear_dss_host_key
mkdir -p /etc/dropbear
mknod -m 644 /dev/random c 1 8
mknod -m 644 /dev/urandom c 1 9
/usr/bin/dropbearkey -t rsa -s 2048 -f /etc/dropbear/dropbear_rsa_host_key
/usr/bin/dropbearkey -t dss -s 1024 -f /etc/dropbear/dropbear_rsa_host_key
/usr/bin/dropbearkey -t ecdsa -s 521 -f /etc/dropbear/dropbear_ecdsa_host_key
ln -s /etc/dropbear/dropbear_rsa_host_key /var/miscA/dropbear_rsa_host_key
ln -s /etc/dropbear/dropbear_rsa_host_key /var/misc/dropbear_dss_host_key
ln -s /etc/dropbear/dropbear_ecdsa_host_key /var/miscA/dropbear_ecdsa_host_kAey
/usr/sbin/dropbear \
-F \
-r /var/miscA/dropbear_rsa_host_key \
-d /var/miscA/dropbear_dss_host_key -p 22
}
[[ -d "/etc/dropbear" ]] && dropbearServer
# Launch dropbear server Cancel
Footer
/usr/sbin/dropbear \
-F \
-r /etc/dropbear/dropbear_rsa_host_key \
-d /var/miscA/dropbear_dss_host_key \
-p 22
```